Access Control
34 Questions

Questions and Answers

What are the four parts of access control?

  • Identification, authentication, authorization, and accountability (correct)
  • Identification, authorization, accountability, and action
  • Identification, authentication, authorization, and access
  • Identification, authentication, allowance, and accountability

What is the difference between physical and logical access controls?

  • Physical access controls restrict access to physical resources like buildings and parking lots, while logical access controls restrict access to computer systems and networks. (correct)
  • Logical access controls are only used for human resources systems.
  • Physical access controls are more secure than logical access controls.
  • Physical access controls restrict access to computer systems and networks, while logical access controls restrict access to physical resources like buildings and parking lots.

What is the purpose of access control policies?

  • To track user actions without restricting access.
  • To allow a specific group of users to perform a particular set of actions on a particular set of resources. (correct)
  • To allow all users to access any resources.
  • To restrict all users from accessing any resources.

    What are the five types of authentication?

    Knowledge, ownership, characteristics, location, and action.

    What is a brute-force attack?

    A method used by attackers to crack passwords by trying every possible combination of characters.

    What are the four central components of access control policies?

    Users, resources, actions, and relationships.

    Why is access control important?

    To protect resources from unauthorized use and ensure that actions can be traced back to individuals.

    What is the difference between static and dynamic biometrics?

    Static biometrics are physiological measures, while dynamic biometrics are behavioral measures.

    What are examples of static biometrics?

    Fingerprints, palm prints, and hand geometry.

    What are examples of behavioral biometrics?

    Voice patterns, keystroke dynamics, and signature dynamics.

    What is the purpose of security controls?

    To minimize the risk of attack for resources.

    What are the different types of cloud computing models?

    Private, public, and community clouds.

    What is the difference between private and community clouds?

    Private clouds are operated for a single organization, while community clouds provide services for several organizations.

    What is the purpose of hybrid clouds?

    To extend the limitations of more restrictive environments.

    What is a firewall?

    A combination of hardware and software that filters or prevents specific information from moving between the outside and inside networks

    What is the trusted network?

    The system of networks inside the organization that contains its information assets and is under the organization’s control

    What is the untrusted network?

    The system of networks outside the organization over which the organization has no control

    What is the major category of processing mode for packet-filtering firewalls?

    Packet-filtering firewalls

    At what layer of the OSI model do packet-filtering firewalls inspect packets?

    Network layer or Layer 3

    What is the difference between dynamic and static packet-filtering firewalls?

    Dynamic packet-filtering firewalls can react to network traffic and create or modify configuration rules to adapt, while static packet-filtering firewalls require the configuration rules to be manually created, sequenced, and modified within the firewall

    What is an application layer proxy firewall?

    A device capable of functioning both as a firewall and an application layer proxy server, frequently installed on a dedicated computer separate from the filtering router, but commonly used in conjunction with it

    What type of firewall operates at the media access control sublayer of the network’s data link layer?

    Media access control layer firewall

    Which type of hybrid firewall combines traditional firewall functions with other network security functions, such as deep packet inspection, IDPSs, and the ability to decrypt encrypted traffic?

    Packet filtering firewall

    What is the purpose of a firewall?

    To filter out unwanted or dangerous traffic as it enters the network perimeter of an organization

    Which firewall architecture uses a highly secured computer system that is placed outside the organization's network and is designed to withstand attacks from the internet?

    Single bastion hosts

    What is the purpose of a DMZ in a screened subnet firewall architecture?

    To isolate servers that are accessible from both the internet and internal network but are isolated from each other

    What are the three factors that determine the best firewall architecture for a particular organization?

    The objectives of the network, the organization’s ability to develop and implement the architectures, and the budget available for the function

    What is the main difference between a packet filtering firewall and an application layer proxy firewall?

    Packet filtering firewalls operate at the media access control sublayer of the network’s data link layer, while application layer proxy firewalls operate at the application layer of the OSI model

    Study Notes

    Understanding Access Control: Four-Part System, Categories, Policies, and Authentication

    • Access control is used to restrict and allow access to resources like computers, homes, and smartphones.
    • The four parts of access control are identification, authentication, authorization, and accountability.
    • Identification asks "who" is requesting access, authentication verifies the requester's identity, authorization determines what the requester can access, and accountability tracks actions to individuals.
    • Access control has two phases: policy definition and policy enforcement.
    • Physical access controls restrict access to physical resources like buildings and parking lots, while logical access controls restrict access to computer systems and networks.
    • Access control policies are a set of rules that allow a specific group of users to perform a particular set of actions on a particular set of resources.
    • The four central components of access control policies are users, resources, actions, and relationships.
    • There are five types of authentication: knowledge, ownership, characteristics, location, and action.
    • Brute-force and dictionary attacks are common methods used by attackers to crack passwords.
    • A brute-force attack involves trying every possible combination of characters, while a dictionary attack hashes words in a dictionary and compares them to the system password file.
    • Examples of logical access controls for a human resources system include deciding which users can access sensitive information, monitoring user actions, and restraining or influencing user behavior.
    • Access control is important for protecting resources from unauthorized use and ensuring that actions can be traced back to individuals.

    Biometrics, Security Controls, and Cloud Computing

    • Biometrics can be used for both identification and authentication.
    • Biometric measures can be categorized as static (physiological) or dynamic (behavioral).
    • Examples of static biometrics include fingerprints, palm prints, and hand geometry.
    • Retina and iris scans, as well as facial recognition, are also types of biometrics.
    • Behavioral biometrics include voice patterns, keystroke dynamics, and signature dynamics.
    • Security controls are mechanisms that minimize the risk of attack for resources.
    • Breaches in access control can result in disclosure of private information, data corruption, loss of business intelligence, and damage to equipment or systems.
    • Cloud computing is the practice of using computing services delivered over a network.
    • Cloud services can be provided through private, community, public, or hybrid cloud models.
    • Private clouds are operated for a single organization, while community clouds provide services for several organizations.
    • Public clouds are available to unrelated organizations or individuals and are managed by a third-party provider.
    • Hybrid clouds contain components of more than one type of cloud and are useful for extending the limitations of more restrictive environments.

    Firewalls and Their Processing Modes

    • A firewall is a combination of hardware and software that filters or prevents specific information from moving between the outside and inside networks.
    • The trusted network is the system of networks inside the organization that contains its information assets and is under the organization’s control.
    • The untrusted network is the system of networks outside the organization over which the organization has no control.
    • Firewalls prevent specific types of information from moving between two different levels of networks, such as an untrusted network like the Internet and a trusted network like the organization’s internal network.
    • Firewalls fall into several major categories of processing modes: packet-filtering firewalls, application layer proxy firewalls, media access control layer firewalls, and hybrids.
    • Packet-filtering firewalls examine the header information of data packets that come into a network and scan network data packets looking for compliance with the rules of the firewall’s database or violations of those rules.
    • Packet-filtering firewalls inspect packets at the network layer or Layer 3 of the OSI model, which represents the seven layers of networking processes.
    • Dynamic packet-filtering firewalls can react to network traffic and create or modify configuration rules to adapt.
    • Static packet-filtering firewalls require the configuration rules to be manually created, sequenced, and modified within the firewall.
    • Stateful packet inspection (SPI) firewalls keep track of each network connection between internal and external systems using a state table, which expedites the filtering of those communications.
    • Application layer proxy firewalls are devices capable of functioning both as a firewall and an application layer proxy server, frequently installed on a dedicated computer separate from the filtering router, but commonly used in conjunction with it.
    • The application firewall is also known as a proxy server because it can be configured to run special software that acts as a proxy for a service request. It is placed in an unsecured area of the network or in the demilitarized zone (DMZ), so that the proxy server, rather than the Web server, is exposed to the higher levels of risk from less trusted networks.

    Description

    Test your knowledge of access control with this informative quiz! From the four-part system to authentication methods, this quiz covers all the essentials of access control. Learn about the different types of access control, the phases of policy creation and enforcement, and the importance of access control policies. You'll also get a chance to test your understanding of logical access controls and the methods attackers use to crack passwords. So, challenge yourself and see how much you know about access control!
